Skip to Content.
Sympa Menu

shibboleth-dev - Re: SAML delegation profiles draft-01 uploaded

Subject: Shibboleth Developers

List archive

Re: SAML delegation profiles draft-01 uploaded


Chronological Thread 
  • From: Francisco Queiros Pinto <>
  • To: Shibboleth Development <>
  • Subject: Re: SAML delegation profiles draft-01 uploaded
  • Date: Sun, 9 Oct 2005 20:57:46 +0100
On 1 Oct 2005, at 22:59, Scott Cantor wrote:

A first draft of my proposal on delegation is available from:
http://shibboleth.internet2.edu/docs/draft-cantor-saml-sso- delegation-01.pdf

If somebody wants to redline it or contribute anything, the OpenOffice doc
is:
http://shibboleth.internet2.edu/docs/draft-cantor-saml-sso- delegation-01.odt

There are several profiles presented, some of them a combination of the
others or combined with existing SAML profiles. It's fairly complete
technically, though it lacks some detail and has some TBD sections scattered
in it.

As indicated by the name, this is an individual submission at this time and
there is no commitment implied to actually implementing any of this stuff.

Sorry for the duplicate email, but some people on shib-users apparently were
interested in seeing this the other day, and I figured not everybody would
be on shib-dev yet. Discussion of it should take place on shib-dev.

-- Scott




Hi Scott,

I finally had some spare time to read properly the document (after skimming through it last Sunday). I have some general and specific questions/comments.

I think this document reveals the right direction for Shibboleth to address non-Web based use cases. All use cases I can think of are addressed by these set of profiles.

Which profiles have to be implemented by Shibboleth? Just the optional features and ECP, or all the others as well?

Section 2.1, Lines 189-226
Is it right that the explanation of sequence (missing) diagram is a combination of the SAML 2.0 SSO profile in general and the ECP profile when starting at Item 4. If this is the case, shouldn't they be separated?

Section 3.3
It's not clear to me about which kind of use cases this profile (SAML Token Service) addresses. Nay examples? Is this a complement or an extra profile?

Section 3.4
This is an excellent extra profile, which will be very useful for SRW and WSRP use cases in particular. It can also be seen as a reference specification for other protocols.

Can we assume this will be Shibboleth 2.0? Any idea about a possible roadmap? How can we contribute?
Regards,

--
Francisco



Archive powered by MHonArc 2.6.16.

Top of Page